Feb 06, 2018 - 12:00 a.m.

K31404801 : F5 BIG-IP TMM vulnerability CVE-2017-6169

my.f5.com

EPSS: 0.001 (Low), percentile 40.3%

Security Advisory Description

In versions 13.0.0, 12.0.0-12.1.3, or 11.6.0-11.6.2, an F5 BIG-IP virtual server using the URL categorization feature may cause the Traffic Management Microkernel (TMM) to produce a core file when it receives malformed URLs during categorization (CVE-2017-6169).

Impact

An attacker may be able to disrupt traffic or cause the BIG-IP system to fail over to another device in the device group.

This vulnerability affects BIG-IP systems with the following configuration:

  • The BIG-IP system has Policy Enforcement Manager (PEM) provisioned.
  • The URL categorization feature is licensed on the system.
  • One or more virtual servers use URL categorization through one of the following:
    • An iRule.
    • A Centralized Policy Matching (CPM) rule.
    • A BIG-IP PEM policy.
  • One or more virtual servers process malformed URL categorization input.

Note: The URL categorization feature enables you to enforce policies configured as part of the subscriber profile based on the URL category type; the URL categorization is obtained by querying an internal repository.
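The affected versions and configuration conditions above can be applied to a device inventory to prioritize review. The following is an added example, not code from F5 or from this advisory; the inventory records, their field names and the result labels are hypothetical, and hotfix or point-release suffixes are ignored (an assumption), so confirm such devices against the F5 advisory.

```python
import re

# Affected ranges exactly as listed in the advisory text (inclusive bounds).
AFFECTED = [((13, 0, 0), (13, 0, 0)),
            ((12, 0, 0), (12, 1, 3)),
            ((11, 6, 0), (11, 6, 2))]

def parse_version(text):
    """Return (major, minor, maint) from strings such as '12.1.2' or
    'BIG-IP 11.6.1 HF2'; None when no x.y.z version is present."""
    m = re.search(r"(?<![\d.])(\d+)\.(\d+)\.(\d+)", text or "")
    return tuple(int(g) for g in m.groups()) if m else None

def version_affected(text):
    """True when the x.y.z base version falls inside a listed range."""
    v = parse_version(text)
    return v is not None and any(lo <= v <= hi for lo, hi in AFFECTED)

def triage(device):
    """Classify one inventory record (hypothetical field names).
    The advisory's last condition, receipt of malformed URL input, is the
    trigger rather than a configuration property, so it is not checked."""
    if parse_version(device.get("version")) is None:
        return "unknown-version"
    if not version_affected(device["version"]):
        return "not-listed"
    exposed = (device.get("pem_provisioned")
               and device.get("urlcat_licensed")
               and device.get("urlcat_in_use"))  # iRule, CPM rule or PEM policy
    return "exposed" if exposed else "affected-version-only"

# Constructed sample inventory, for illustration only.
INVENTORY = [
    {"name": "edge-a", "version": "12.1.2", "pem_provisioned": True,
     "urlcat_licensed": True, "urlcat_in_use": True},
    {"name": "edge-b", "version": "BIG-IP 11.6.1 HF2", "pem_provisioned": True,
     "urlcat_licensed": False, "urlcat_in_use": False},
    {"name": "core-c", "version": "13.1.0", "pem_provisioned": True,
     "urlcat_licensed": True, "urlcat_in_use": True},
    {"name": "lab-d", "version": "n/a"},
]

if __name__ == "__main__":
    for dev in INVENTORY:
        print(f"{dev['name']:8} {triage(dev)}")
```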
